What is the best way to get data into AX from a separate SQL database?

ATrain · June 2, 2011, 4:49pm

We have a separate SQL database that we need to pull information from into AX. Right now, we are using direct SQL calls from X++. I’m very nervous that it leaves us completely open to SQL injection attacks. Is there an alternative, or a good way to sanitize the data?

We are doing something like:

sqlStatement = ‘select * from customTable’;

sqlStatementExecutePermission = new SqlStatementExecutePermission(sqlStatement);

sqlStatementExecutePermission.assert();

resultSet = statement.executeQuery(sqlStatement);

kranthi · June 3, 2011, 10:05am

look into these links

http://msdn.microsoft.com/en-us/library/aa600196.aspx

http://msdn.microsoft.com/en-us/library/ee677510.aspx

ATrain · June 3, 2011, 5:09pm

That is what we are doing now, I was hoping for an alternative such as .Net’s LINQ (Language integrated query).

The connection.createStatement is vulnerable to SQL injection attacks without sanitation and I’m not a big fan of long SQL strings of text in AX. See here for what worries me:

http://msdn.microsoft.com/en-us/library/aa600674.aspx

Topic		Replies	Views
Data from AX to Sql Table Developer Forum	0	594	October 4, 2012
Exporting data from external database (sql) to AX2009 Developer Forum	1	690	June 25, 2018
Call SP from AX. Developer Forum	0	1250	December 16, 2010
Call SQL stored procedure from Ax client Developer Forum	4	12589	June 13, 2014
Integrate data from sql db to ax table. Developer Forum	0	873	July 11, 2012

What is the best way to get data into AX from a separate SQL database?

Related Topics